google-cloud-container_analysis-v1 0.1.2 → 0.4.1

data/proto_docs/google/protobuf/timestamp.rb

@@ -70,7 +70,16 @@ module Google
     #         .setNanos((int) ((millis % 1000) * 1000000)).build();
     #
     #
-    # Example 5: Compute Timestamp from current time in Python.
+    # Example 5: Compute Timestamp from Java `Instant.now()`.
+    #
+    #     Instant now = Instant.now();
+    #
+    #     Timestamp timestamp =
+    #         Timestamp.newBuilder().setSeconds(now.getEpochSecond())
+    #             .setNanos(now.getNano()).build();
+    #
+    #
+    # Example 6: Compute Timestamp from current time in Python.
     #
     #     timestamp = Timestamp()
     #     timestamp.GetCurrentTime()

data/proto_docs/grafeas/v1/common.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Metadata for any related URL information.
+    # @!attribute [rw] url
+    #   @return [::String]
+    #     Specific URL associated with the resource.
+    # @!attribute [rw] label
+    #   @return [::String]
+    #     Label to describe usage of the URL.
+    class RelatedUrl
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Verifiers (e.g. Kritis implementations) MUST verify signatures
+    # with respect to the trust anchors defined in policy (e.g. a Kritis policy).
+    # Typically this means that the verifier has been configured with a map from
+    # `public_key_id` to public key material (and any required parameters, e.g.
+    # signing algorithm).
+    #
+    # In particular, verification implementations MUST NOT treat the signature
+    # `public_key_id` as anything more than a key lookup hint. The `public_key_id`
+    # DOES NOT validate or authenticate a public key; it only provides a mechanism
+    # for quickly selecting a public key ALREADY CONFIGURED on the verifier through
+    # a trusted channel. Verification implementations MUST reject signatures in any
+    # of the following circumstances:
+    #   * The `public_key_id` is not recognized by the verifier.
+    #   * The public key that `public_key_id` refers to does not verify the
+    #     signature with respect to the payload.
+    #
+    # The `signature` contents SHOULD NOT be "attached" (where the payload is
+    # included with the serialized `signature` bytes). Verifiers MUST ignore any
+    # "attached" payload and only verify signatures with respect to explicitly
+    # provided payload (e.g. a `payload` field on the proto message that holds
+    # this Signature, or the canonical serialization of the proto message that
+    # holds this signature).
+    # @!attribute [rw] signature
+    #   @return [::String]
+    #     The content of the signature, an opaque bytestring.
+    #     The payload that this signature verifies MUST be unambiguously provided
+    #     with the Signature during verification. A wrapper message might provide
+    #     the payload explicitly. Alternatively, a message might have a canonical
+    #     serialization that can always be unambiguously computed to derive the
+    #     payload.
+    # @!attribute [rw] public_key_id
+    #   @return [::String]
+    #     The identifier for the public key that verifies this signature.
+    #       * The `public_key_id` is required.
+    #       * The `public_key_id` MUST be an RFC3986 conformant URI.
+    #       * When possible, the `public_key_id` SHOULD be an immutable reference,
+    #         such as a cryptographic digest.
+    #
+    #     Examples of valid `public_key_id`s:
+    #
+    #     OpenPGP V4 public key fingerprint:
+    #       * "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
+    #     See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
+    #     details on this scheme.
+    #
+    #     RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
+    #     serialization):
+    #       * "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
+    #       * "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
+    class Signature
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Kind represents the kinds of notes supported.
+    module NoteKind
+      # Unknown.
+      NOTE_KIND_UNSPECIFIED = 0
+
+      # The note and occurrence represent a package vulnerability.
+      VULNERABILITY = 1
+
+      # The note and occurrence assert build provenance.
+      BUILD = 2
+
+      # This represents an image basis relationship.
+      IMAGE = 3
+
+      # This represents a package installed via a package manager.
+      PACKAGE = 4
+
+      # The note and occurrence track deployment events.
+      DEPLOYMENT = 5
+
+      # The note and occurrence track the initial discovery status of a resource.
+      DISCOVERY = 6
+
+      # This represents a logical "role" that can attest to artifacts.
+      ATTESTATION = 7
+
+      # This represents an available package upgrade.
+      UPGRADE = 8
+    end
+  end
+end

data/proto_docs/grafeas/v1/cvss.rb

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Common Vulnerability Scoring System version 3.
+    # For details, see https://www.first.org/cvss/specification-document
+    # @!attribute [rw] base_score
+    #   @return [::Float]
+    #     The base score is a function of the base metric scores.
+    # @!attribute [rw] exploitability_score
+    #   @return [::Float]
+    # @!attribute [rw] impact_score
+    #   @return [::Float]
+    # @!attribute [rw] attack_vector
+    #   @return [::Grafeas::V1::CVSSv3::AttackVector]
+    #     Base Metrics
+    #     Represents the intrinsic characteristics of a vulnerability that are
+    #     constant over time and across user environments.
+    # @!attribute [rw] attack_complexity
+    #   @return [::Grafeas::V1::CVSSv3::AttackComplexity]
+    # @!attribute [rw] privileges_required
+    #   @return [::Grafeas::V1::CVSSv3::PrivilegesRequired]
+    # @!attribute [rw] user_interaction
+    #   @return [::Grafeas::V1::CVSSv3::UserInteraction]
+    # @!attribute [rw] scope
+    #   @return [::Grafeas::V1::CVSSv3::Scope]
+    # @!attribute [rw] confidentiality_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    # @!attribute [rw] integrity_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    # @!attribute [rw] availability_impact
+    #   @return [::Grafeas::V1::CVSSv3::Impact]
+    class CVSSv3
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      module AttackVector
+        ATTACK_VECTOR_UNSPECIFIED = 0
+
+        ATTACK_VECTOR_NETWORK = 1
+
+        ATTACK_VECTOR_ADJACENT = 2
+
+        ATTACK_VECTOR_LOCAL = 3
+
+        ATTACK_VECTOR_PHYSICAL = 4
+      end
+
+      module AttackComplexity
+        ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+        ATTACK_COMPLEXITY_LOW = 1
+
+        ATTACK_COMPLEXITY_HIGH = 2
+      end
+
+      module PrivilegesRequired
+        PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+        PRIVILEGES_REQUIRED_NONE = 1
+
+        PRIVILEGES_REQUIRED_LOW = 2
+
+        PRIVILEGES_REQUIRED_HIGH = 3
+      end
+
+      module UserInteraction
+        USER_INTERACTION_UNSPECIFIED = 0
+
+        USER_INTERACTION_NONE = 1
+
+        USER_INTERACTION_REQUIRED = 2
+      end
+
+      module Scope
+        SCOPE_UNSPECIFIED = 0
+
+        SCOPE_UNCHANGED = 1
+
+        SCOPE_CHANGED = 2
+      end
+
+      module Impact
+        IMPACT_UNSPECIFIED = 0
+
+        IMPACT_HIGH = 1
+
+        IMPACT_LOW = 2
+
+        IMPACT_NONE = 3
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/package.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # This represents a particular channel of distribution for a given package.
+    # E.g., Debian's jessie-backports dpkg mirror.
+    # @!attribute [rw] cpe_uri
+    #   @return [::String]
+    #     Required. The cpe_uri in [CPE format](https://cpe.mitre.org/specification/)
+    #     denoting the package manager version distributing a package.
+    # @!attribute [rw] architecture
+    #   @return [::Grafeas::V1::Architecture]
+    #     The CPU architecture for which packages in this distribution channel were
+    #     built.
+    # @!attribute [rw] latest_version
+    #   @return [::Grafeas::V1::Version]
+    #     The latest available version of this package in this distribution channel.
+    # @!attribute [rw] maintainer
+    #   @return [::String]
+    #     A freeform string denoting the maintainer of this package.
+    # @!attribute [rw] url
+    #   @return [::String]
+    #     The distribution channel-specific homepage for this package.
+    # @!attribute [rw] description
+    #   @return [::String]
+    #     The distribution channel-specific description of this package.
+    class Distribution
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # An occurrence of a particular package installation found within a system's
+    # filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.
+    # @!attribute [rw] cpe_uri
+    #   @return [::String]
+    #     Required. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)
+    #     denoting the package manager version distributing a package.
+    # @!attribute [rw] version
+    #   @return [::Grafeas::V1::Version]
+    #     The version installed at this location.
+    # @!attribute [rw] path
+    #   @return [::String]
+    #     The path from which we gathered that this package/version is installed.
+    class Location
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # This represents a particular package that is distributed over various
+    # channels. E.g., glibc (aka libc6) is distributed by many, at various
+    # versions.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Required. Immutable. The name of the package.
+    # @!attribute [rw] distribution
+    #   @return [::Array<::Grafeas::V1::Distribution>]
+    #     The various channels by which a package is distributed.
+    class PackageNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Details on how a particular software package was installed on a system.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Output only. The name of the installed package.
+    # @!attribute [rw] location
+    #   @return [::Array<::Grafeas::V1::Location>]
+    #     Required. All of the places within the filesystem versions of this package
+    #     have been found.
+    class PackageOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Version contains structured information about the version of a package.
+    # @!attribute [rw] epoch
+    #   @return [::Integer]
+    #     Used to correct mistakes in the version numbering scheme.
+    # @!attribute [rw] name
+    #   @return [::String]
+    #     Required only when version kind is NORMAL. The main part of the version
+    #     name.
+    # @!attribute [rw] revision
+    #   @return [::String]
+    #     The iteration of the package build from the above version.
+    # @!attribute [rw] kind
+    #   @return [::Grafeas::V1::Version::VersionKind]
+    #     Required. Distinguishes between sentinel MIN/MAX versions and normal
+    #     versions.
+    # @!attribute [rw] full_name
+    #   @return [::String]
+    #     Human readable version string. This string is of the form
+    #     <epoch>:<name>-<revision> and is only set when kind is NORMAL.
+    class Version
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # Whether this is an ordinary package version or a sentinel MIN/MAX version.
+      module VersionKind
+        # Unknown.
+        VERSION_KIND_UNSPECIFIED = 0
+
+        # A standard package version.
+        NORMAL = 1
+
+        # A special version representing negative infinity.
+        MINIMUM = 2
+
+        # A special version representing positive infinity.
+        MAXIMUM = 3
+      end
+    end
+
+    # Instruction set architectures supported by various package managers.
+    module Architecture
+      # Unknown architecture.
+      ARCHITECTURE_UNSPECIFIED = 0
+
+      # X86 architecture.
+      X86 = 1
+
+      # X64 architecture.
+      X64 = 2
+    end
+  end
+end

data/proto_docs/grafeas/v1/vulnerability.rb

@@ -0,0 +1,245 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # A security vulnerability that can be found in resources.
+    # @!attribute [rw] cvss_score
+    #   @return [::Float]
+    #     The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
+    #     where 0 indicates low severity and 10 indicates high severity.
+    # @!attribute [rw] severity
+    #   @return [::Grafeas::V1::Severity]
+    #     The note provider assigned severity of this vulnerability.
+    # @!attribute [rw] details
+    #   @return [::Array<::Grafeas::V1::VulnerabilityNote::Detail>]
+    #     Details of all known distros and packages affected by this vulnerability.
+    # @!attribute [rw] cvss_v3
+    #   @return [::Grafeas::V1::CVSSv3]
+    #     The full description of the CVSSv3 for this vulnerability.
+    # @!attribute [rw] windows_details
+    #   @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail>]
+    #     Windows details get their own format because the information format and
+    #     model don't match a normal detail. Specifically Windows updates are done as
+    #     patches, thus Windows vulnerabilities really are a missing package, rather
+    #     than a package being at an incorrect version.
+    # @!attribute [rw] source_update_time
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The time this information was last changed at the source. This is an
+    #     upstream timestamp from the underlying information source - e.g. Ubuntu
+    #     security tracker.
+    class VulnerabilityNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A detail for a distro and package affected by this vulnerability and its
+      # associated fix (if one is available).
+      # @!attribute [rw] severity_name
+      #   @return [::String]
+      #     The distro assigned severity of this vulnerability.
+      # @!attribute [rw] description
+      #   @return [::String]
+      #     A vendor-specific description of this vulnerability.
+      # @!attribute [rw] package_type
+      #   @return [::String]
+      #     The type of package; whether native or non native (e.g., ruby gems,
+      #     node.js packages, etc.).
+      # @!attribute [rw] affected_cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability affects.
+      # @!attribute [rw] affected_package
+      #   @return [::String]
+      #     Required. The package this vulnerability affects.
+      # @!attribute [rw] affected_version_start
+      #   @return [::Grafeas::V1::Version]
+      #     The version number at the start of an interval in which this
+      #     vulnerability exists. A vulnerability can affect a package between
+      #     version numbers that are disjoint sets of intervals (example:
+      #     [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
+      #     represented in its own Detail. If a specific affected version is provided
+      #     by a vulnerability database, affected_version_start and
+      #     affected_version_end will be the same in that Detail.
+      # @!attribute [rw] affected_version_end
+      #   @return [::Grafeas::V1::Version]
+      #     The version number at the end of an interval in which this vulnerability
+      #     exists. A vulnerability can affect a package between version numbers
+      #     that are disjoint sets of intervals (example: [1.0.0-1.1.0],
+      #     [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
+      #     own Detail. If a specific affected version is provided by a vulnerability
+      #     database, affected_version_start and affected_version_end will be the
+      #     same in that Detail.
+      # @!attribute [rw] fixed_cpe_uri
+      #   @return [::String]
+      #     The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
+      #     to update to that contains a fix for this vulnerability. It is possible
+      #     for this to be different from the affected_cpe_uri.
+      # @!attribute [rw] fixed_package
+      #   @return [::String]
+      #     The distro recommended package to update to that contains a fix for this
+      #     vulnerability. It is possible for this to be different from the
+      #     affected_package.
+      # @!attribute [rw] fixed_version
+      #   @return [::Grafeas::V1::Version]
+      #     The distro recommended version to update to that contains a
+      #     fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
+      #     such version is yet available.
+      # @!attribute [rw] is_obsolete
+      #   @return [::Boolean]
+      #     Whether this detail is obsolete. Occurrences are expected not to point to
+      #     obsolete details.
+      # @!attribute [rw] source_update_time
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The time this information was last changed at the source. This is an
+      #     upstream timestamp from the underlying information source - e.g. Ubuntu
+      #     security tracker.
+      class Detail
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability affects.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Required. The name of this vulnerability.
+      # @!attribute [rw] description
+      #   @return [::String]
+      #     The description of this vulnerability.
+      # @!attribute [rw] fixing_kbs
+      #   @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail::KnowledgeBase>]
+      #     Required. The names of the KBs which have hotfixes to mitigate this
+      #     vulnerability. Note that there may be multiple hotfixes (and thus
+      #     multiple KBs) that mitigate a given vulnerability. Currently any listed
+      #     KBs presence is considered a fix.
+      class WindowsDetail
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The KB name (generally of the form KB[0-9]+ (e.g., KB123456)).
+        # @!attribute [rw] url
+        #   @return [::String]
+        #     A link to the KB in the [Windows update catalog]
+        #     (https://www.catalog.update.microsoft.com/).
+        class KnowledgeBase
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+
+    # An occurrence of a severity vulnerability on a resource.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The type of package; whether native or non native (e.g., ruby gems, node.js
+    #     packages, etc.).
+    # @!attribute [rw] severity
+    #   @return [::Grafeas::V1::Severity]
+    #     Output only. The note provider assigned severity of this vulnerability.
+    # @!attribute [rw] cvss_score
+    #   @return [::Float]
+    #     Output only. The CVSS score of this vulnerability. CVSS score is on a
+    #     scale of 0 - 10 where 0 indicates low severity and 10 indicates high
+    #     severity.
+    # @!attribute [rw] package_issue
+    #   @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
+    #     Required. The set of affected locations and their fixes (if available)
+    #     within the associated resource.
+    # @!attribute [rw] short_description
+    #   @return [::String]
+    #     Output only. A one sentence description of this vulnerability.
+    # @!attribute [rw] long_description
+    #   @return [::String]
+    #     Output only. A detailed description of this vulnerability.
+    # @!attribute [rw] related_urls
+    #   @return [::Array<::Grafeas::V1::RelatedUrl>]
+    #     Output only. URLs related to this vulnerability.
+    # @!attribute [rw] effective_severity
+    #   @return [::Grafeas::V1::Severity]
+    #     The distro assigned severity for this vulnerability when it is available,
+    #     otherwise this is the note provider assigned severity.
+    # @!attribute [rw] fix_available
+    #   @return [::Boolean]
+    #     Output only. Whether at least one of the affected packages has a fix
+    #     available.
+    class VulnerabilityOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A detail for a distro and package this vulnerability occurrence was found
+      # in and its associated fix (if one is available).
+      # @!attribute [rw] affected_cpe_uri
+      #   @return [::String]
+      #     Required. The [CPE URI](https://cpe.mitre.org/specification/) this
+      #     vulnerability was found in.
+      # @!attribute [rw] affected_package
+      #   @return [::String]
+      #     Required. The package this vulnerability was found in.
+      # @!attribute [rw] affected_version
+      #   @return [::Grafeas::V1::Version]
+      #     Required. The version of the package that is installed on the resource
+      #     affected by this vulnerability.
+      # @!attribute [rw] fixed_cpe_uri
+      #   @return [::String]
+      #     The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
+      #     was fixed in. It is possible for this to be different from the
+      #     affected_cpe_uri.
+      # @!attribute [rw] fixed_package
+      #   @return [::String]
+      #     The package this vulnerability was fixed in. It is possible for this to
+      #     be different from the affected_package.
+      # @!attribute [rw] fixed_version
+      #   @return [::Grafeas::V1::Version]
+      #     Required. The version of the package this vulnerability was fixed in.
+      #     Setting this to VersionKind.MAXIMUM means no fix is yet available.
+      # @!attribute [rw] fix_available
+      #   @return [::Boolean]
+      #     Output only. Whether a fix is available for this package.
+      class PackageIssue
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # Note provider assigned severity/impact ranking.
+    module Severity
+      # Unknown.
+      SEVERITY_UNSPECIFIED = 0
+
+      # Minimal severity.
+      MINIMAL = 1
+
+      # Low severity.
+      LOW = 2
+
+      # Medium severity.
+      MEDIUM = 3
+
+      # High severity.
+      HIGH = 4
+
+      # Critical severity.
+      CRITICAL = 5
+    end
+  end
+end